Files Date: 2018-04-06

Slackware Security Advisory - patch Updates
Posted Apr 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New patch packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1000156
SHA-256 | 9eb9cfbbe11a6420a160a6c790e91163ae73f2e165e76b1dfd042906008e3180
Dell EMC Avamar / Integrated Data Protection Missing Access Control
Posted Apr 6, 2018
Authored by Kapil Khot | Site emc.com

The Dell EMC Avamar Installation Manager component, within Dell EMC Avamar Server and Integrated Data Protection Appliance, is affected by a missing access control vulnerability. Dell EMC Avamar Server versions 7.3.1, 7.4.1, 7.50 and Dell EMC Integrated Data Protection Appliance versions 2.0 and 2.1 are affected.

tags | advisory
advisories | CVE-2018-1217
SHA-256 | bc0a9071db43bf513962de4bda5906b92686e69bb48f1b92b6901540dcc7b01d
Ubuntu Security Notice USN-3596-2
Posted Apr 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3596-2 - USN-3596-1 fixed vulnerabilities in Firefox. The update caused an issue where it was not possible to customize the toolbars when running Firefox in Unity. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain sensitive information, confuse the user with misleading permission requests, or execute arbitrary code. It was discovered that the fetch API could incorrectly return cached copies of no-store/no-cache resources in some circumstances. A local attacker could potentially exploit this to obtain sensitive information in environments where multiple users share a common profile. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-5126, CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5133, CVE-2018-5136, CVE-2018-5137, CVE-2018-5140, CVE-2018-5141, CVE-2018-5142, CVE-2018-5143
SHA-256 | e494dec5d0c796d9460535c0b44c093d5932022a735b81473a1415ba41c11a0f
Red Hat Security Advisory 2018-0647-01
Posted Apr 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0647-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.7.0. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5144, CVE-2018-5145, CVE-2018-5146
SHA-256 | 957d86557bc84b1dd2569edbabf90e5edcbf056f4a14134dc33d22a5c8904042
Video Downloader Universal Cross Site Scripting
Posted Apr 6, 2018
Authored by Tavis Ormandy, Google Security Research

The Video Downloader Chrome extension suffers from a universal cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b5da74f181d1f9d011fafbb0bdf6621ecd124de93f2688457aaf9d1ad4cce81f
Ubuntu Security Notice USN-3619-2
Posted Apr 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3619-2 - USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-11472, CVE-2017-15129, CVE-2017-16528, CVE-2017-16532, CVE-2017-16536, CVE-2017-16537, CVE-2017-16645, CVE-2017-16646, CVE-2017-16649, CVE-2017-16650, CVE-2017-16911, CVE-2017-16912, CVE-2017-16913, CVE-2017-16914, CVE-2017-16994, CVE-2017-16995, CVE-2017-17448, CVE-2017-17449, CVE-2017-17450, CVE-2017-17558, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807
SHA-256 | 38b18f0521488f7e9524a5f8e492f7ad41f5c91d876a8aea56b6215d3c63309b
Debian Security Advisory 4167-1
Posted Apr 6, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4167-1 - A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities to handle Shell Archives. An attacker with control over the input of the unshar command could crash the application or execute arbitrary code in its context.

tags | advisory, overflow, arbitrary, shell
systems | linux, debian
advisories | CVE-2018-1000097
SHA-256 | 0593f128371e25d3e867f667d6c7e228ed60a7108583323d3b760e39925a1cd7
Cobub Razor 0.7.2 Cross Site Request Forgery
Posted Apr 6, 2018
Authored by ppb

Cobub Razor version 0.7.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-7746
SHA-256 | 0db6915869c7d49a6e5a4a1d751ebde9a62576b44ca5f347ff1ece03c3e9fb20
Cockpit CMS 0.13.0 Server Side Request Forgery
Posted Apr 6, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Cockpit CMS version 0.13.0 suffers from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-14611
SHA-256 | bb9d51a2d563f68c1b06acdd86fb3398e16932eeb518fbffe5169b60bd4b3a86
LineageOS 14.1 Blueborne Remote Code Execution
Posted Apr 6, 2018
Authored by Marcin Kozlowski

LineageOS version 14.1 Blueborne suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-0781
SHA-256 | 118abf176aea0790980dec87b92c424f9758c2fd8db35e43bc7364522de3fcfa
WebKit WebAssembly Missing Order Check
Posted Apr 6, 2018
Authored by Google Security Research, natashenka

When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder() does not adequately check that sections are in the correct order when a binary contains custom sections.

tags | exploit
SHA-256 | 15351af9cc68683eec7e8a50927fc26e0ef2b26e642ed477293a4452012a2165
Onethink CMS Server Side Request Forgery
Posted Apr 6, 2018
Authored by Jiawang Zhang, Qian Wu, Bo Wang

Onethink CMS versions released up to date 2018/04/06 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-14323
SHA-256 | aad2879de55bb8ba9ba5796d011af0f016e871cd9b6bf150c3994af20e87b21e